refs https://github.com/TryGhost/Team/issues/765
This includes the changes to @tryghost/members-csv so that we can read
and write the `product` column from/to csv files. Allowing us to include
products in exports, as well as use them in imports.
- getSubdir, getSiteUrl & getAdminUrl were currently part of @tryghost/url-utils
- They have been split out into their own library, and refactored so that they expect to be bound to nconf
- With this commit we can do e.g. config.getSubdir() rather than needing @tryghost/url-utils
- These functions will be passed to url-utils via DI
- This is the first step in breaking down url-utils into smaller pieces
- This commit only does a single change in Gruntfile.js to use the new funtions - this will be rolled out slowly
refs https://github.com/TryGhost/Team/issues/748
This updates the @tryghost/members-api MemberRepository to stop ignoring
the `products` data passed to write operations, and to attach products
directly to members. As this logic is part of a new feature, we are
maintaining existing functionality by deleting the products data when
the feature flag is not enabled.
This functionality allows us to give members complimentary access to a
product without needing to use a Stripe Subscription internally.
refs https://github.com/TryGhost/Team/issues/781
refs https://github.com/TryGhost/Team/issues/774
- Previous versions of gscan weren't able to detect partial usage inside
of a heprer, e.g.: "{{#if author}}{{> "missingpartial"}}{{/if}}". It's
important to be able to detect these on theme upload/validation stage to
avoid errors during the runtime.
- The updated version provides additional information about used and
unused partials and helpers.
- With this change users might start seeing a "fatal" error during an
upload/activation of a theme previously passing validation. Currently
active themes with partials used in the context will still allow for a
boot, but will log a 422 error pointing to missing partial.
no issue
Fixes the build - as test checks for instanceof ValidationError, and
we were using 2 versions of @tryghost/errors between Ghost and
@tryghost/validator.
refs https://github.com/TryGhost/Team/issues/775
As we currently do not delete canceled subscriptions and they are
exposed via the API, this functionality has been added to the
editSubscription controller method under the PUT HTTP method.
The cancelSubscription method in @tryghost/members-api was updated to
handle deleting by member id
- Part of the effort to split Ghost down into smaller, decoupled pieces
- Moved out our internal validator tooling to a separate library
- Replaced all usage of our own tooling and validatorjs directly with @tryghost/validator
- Removed the validatorjs dependency and removed the renovate pin
- This gives us a consistant, smaller, clearer public API for validations
- It will eventually be used on Ghost Admin too
- This way we can start getting up to date with validator whilst not increasing build size
no issue
The only pieces of Ghost-Ignition used in Ghost were debug and
logging. Both of these modules have been superceded by the Framework
monorepo, and all usages of Ignition have now been removed, replaced
with @tryghost/debug and @tryghost/logging.
- validator has seen a lot of change, this one bump is safe
- after this we need to go through and make API updates as isURL has changed quite significantly!
no issue
Part of the effort to split ghost into smaller, decoupled parts. The
@root-utils package lets us avoid hard-coding a path to package.json,
and means that the ghost-version.js file could eventually be moved
into a separate module.
This commit uses a patched version of @tryghost/root-utils which
checks for the existence of a `current` directory, as used in
Ghost-CLI. Since this is very specific to Ghost and Ghost CLI, there's
a new method called "getGhostRoot" for this purpose.
refs:
- cf15f60085
- dd20cc649b
- ccf27f7009
- abf146d61f
- 2b54c92a14
- bb029a53f6
- 95bd7ee675
- 9018b4df22
- df01a6e5f4
- d313726b34
- these plugins were in a state where they were independent enough to be
pulled out into their own packages, which is what we did in the
referenced commits above
- each package is named like `@tryghost/bookshelf-<plugin>`
- to avoid requiring multiple packages into Ghost, we've also created a
wrapper package called `@tryghost/bookshelf-plugins` which re-exports
all these plugins, so the changes in Ghost are very simple - dbebdd43b5
- this commit deletes the plugins + tests, and replaces with our new
package with some minor code changes
no issue
Part of the effort to split ghost into smaller, decoupled parts. The
@root-utils package lets us avoid hard-coding a path to package.json,
and means that the ghost-version.js file could eventually be moved
into a separate module.
refs https://github.com/TryGhost/Team/issues/770
We want post feature image functionality to better match what's available inside the editor, to do that we'll need somewhere to store alt and caption meta data. `posts_meta` chosen because even though we want to make this generic for other tables in the future those tables also have a `feature_image` (or closely related) field.
- updated schema with new columns
- added migration to create columns
- cleaned new columns from API output
- not output on v2/v3
- conditionally output on v4/canary output based on labs flag
- bumped `@tryghost/admin-api-schema` to allow new columns through in canary API requests
- silently clean properties from input when labs flag is disabled
- updated acceptance tests so they fail if `admin-api-schema` is not letting the new fields through
- The underlying package-json package has had i18n ripped out using the new tpl utility instead
- It's also then been refactored to not be a class that needs instantiating
- This means it can be required directly and its public interface methods used where needed
- This is a much nicer, neater pattern for what is a mature utility library :)
refs 971ac479dc
- `@tryghost/tpl` was accidentally placed in `devDependencies` but
Ghost needs this to run so it would cause Ghost-CLI to fail when it
only installs `dependencies`
- this commit moves the dependency to `dependencies`
- also pins the dependency to `0.1.0`
- We are going to get rid of the internal i18n tool because it doesn't solve a real use case
- Instead, we have a new tpl utility that does basic string interpolation
- This pattern will make it easier for us to decouple the codebase, and the new tool helps to keep the refactor surface area really small
- This is the first example of using the new tpl helper, so it also adds @tryghost/tpl
no issue
- `cssnano` requires `postcss` as a peer dependency which was causing warnings when running `yarn`
- `postcss` was available because it's a sub-dependency of `sanitize-html` so nothing was broken but explicitly adding it to `package.json` resolves the warnings
refs https://github.com/TryGhost/Team/issues/712
The ProductRepository in members-api has been updated to accept
monthly_price & yearly_price when creating and updating products, as
well as including them when reading.
refs https://github.com/TryGhost/Team/issues/728
- The code of update check has been extracted into it's own package as a part of TryGhost/Core monorepo. This commit is a cleanup of the leftover files
refs https://github.com/TryGhost/Team/issues/711
Since we need to support multiple products, which will each have a
monthly and yearly price, we are moving away from storing these ids in
settings, and instead in a column on the products table. The migration
depends on the settings being prepopulated, which is done outside of
knex-migrator, in members-api, so this migration must also be done there.
no issue
- includes sub-dependency bumps for `markdown-it` packages for markdown renderer bug fixes and to keep Ghost and Admin markdown rendering in sync
refs https://github.com/TryGhost/Team/issues/704
Previously a customer message was not passed, and the default message
was used. This made a reference to, "someone else is editing the post"
which is incorrect in this context! The members-api has been updated
with an appropriate error message, with a link to our documentation.
refs https://github.com/TryGhost/Team/issues/704
Currently when attempting to create stripe_prices without a Stripe
connection, it will fail silently. This is an issue when initially
configuring Members as the Stripe connection can take some time to be
established. By erroring we allow the client to be notifed that the
connection does not yet exist, so that it can be retried later.
refs f51c640fb0
- This should not affect any of the current code but should improve edge case errors related to "allowlist" types of limits
- See referenced commit for details when this edgecase was happening
refs https://github.com/TryGhost/Team/issues/635
This is to ensure we don't break migrations for any sites which have
imported external subscriptions which have an interval of 'week' or
'day'
The bump to members-api includes the handling of these intervals for
ongoing population of mrr events
refs https://github.com/TryGhost/Team/issues/698
The migrations to populate these settings are handled by the members-api
module, as they depend on the stripe_prices table being populated. This
cannot be guarunteed at boot, so we're unable to do this as a standard
migration.
refs https://github.com/TryGhost/Team/issues/687
- The frontmatter field has leaked into the API layer unintentionally when it was introduced into the DB schema during 4.0 release.
- The fix add the field to "trim" list in all API. A proper validation and handling will be add per API as usecase for the field becomes clear
refs https://github.com/TryGhost/Team/issues/581
closes https://github.com/TryGhost/Team/issues/582
Emails can now be sent to members with specific associated labels or products by specifying an NQL string. We want to bring the same members segment feature to content by allowing `visibility` to be an NQL filter string on top of the `public/members/paid` special-case strings.
As an example it's possible to set `posts.visibility` to `label:vip` to make a post available only to those members with the `vip` label.
- removed enum validations for `visibility` so it now accepts any string or `null`
- bumped `@tryghost/admin-api-schema` for API-level validation changes
- added nql validation to API input validators by running the visibility query against the members model
- added transform of NQL to special-case visibility values when saving post model
- ensures there's a single way of representing "members" and "paid" where NQL gives multiple ways of representing the same segment
- useful for keeping theme-level checks such as `{{#has visibility="paid"}}` working as expected
- updated content-gating to parse nql from post's visibility and use it to query the currently logged in member to see if there's a match
- bumped @tryghost/members-api to include label and product data when loading member
refs https://github.com/TryGhost/Team/issues/588
- This is a new type of limit allowing to measure resource use (e.g. sent emails) per period (e.g. subscription, billing, cycle, etc)
- To enable periodical limit add following values under `hostSettings.limits`:
```
"emails": {
"maxPeriodic": 10,
"error": "Your plan supports up to {{max}} emails. Please upgrade to reenable sending emails."
}
```
and following under `hostSettings.subscription`:
```
"subscription": {
"start": "2020-04-02T15:53:55.000Z",
"interval": "month"
}
```
- Above config would allow checking if 10 emails per month starting on the 2nd of every month has been reached untill now
refs: https://github.com/TryGhost/Ghost/commit/7bce05ab8
- I wrote a custom plugin for the no-cross-requires logic between our modules after not finding anything that could do it
- Then, when searching for the next rule I wanted, I found eslint-plugin-ghost has no-restricted-requires
- This rule is more flexible, so switching to it
- NOTE: This update to eslint-plugin-ghost also fixes performance of linting our test files by pinning eslint-plugin-mocha to v7 as v8 has performance problems
refs 37ebe723c6
- `package-json` was a standalone library using dependency injection so
we could pull it out into its own package in Utils
- this was done in the commit referenced above
- this commit removes the implementation and tests in Ghost and replaces
the require in the initialization wrapper with the new package
refs https://github.com/TryGhost/Team/issues/588
- This bump allows to pass configuration for "emails" limit (flag type for now) and allows to do checks against this limit as a consequence
- Useful to be able to do basic checks for newsletter-related functionality
refs: 7e787ef807
- bumps eslint-plugin-ghost to 2.1.0 which adds the code for a new custom rule
- adds configuration to our eslint file to enable the rule in a very soft mode for now
- this rule is intended to enforce not tightly coupling the server and frontend
- the intention is to make it stricter over time as the number of cross requires reduces
- enabling this rule temporarily and running lint is a nice way to grok just how tightly coupled things are at the moment
refs https://github.com/TryGhost/Team/issues/628
After a recent bump to Stripe API version used by Members service - 2020-08-27 - importing paid members via CSV in ghost was not working correctly due to missing subscriptions object in customer data fetched from Stripe. Stripe had updated the customer resource to not include the subscriptions data by default which is now patched to always include in Ghost.
refs https://github.com/TryGhost/Team/issues/591
refs ffe24a728c
It's possible to have sites which still have customer subscriptions in their DB from old Stripe accounts, most likely added when we allowed Stripe Direct, as those subscriptions were not cleaned up. While populating stripe prices and products for existing subscriptions, we want to ignore these old subscriptions which are not part of current Stripe account instead of throwing error and halting the one off migration which we currently do.
The population script will re-run again as long as no new subscriptions are created between the last release and this, and there were no old invalid plans in DB, which is a very unlikely edge case so the data will eventually re-populate correctly.
issue https://github.com/TryGhost/Team/issues/614
- Users who have a password can directly sign-in via oauth
- User who are logged-in get their password disabled
- Users accepting an invitation get their password disabled
- The way we disable password is by setting it to a long random password
refs https://github.com/TryGhost/Team/issues/619
- Bumps `@tryghost/members-api` to `1.3.0` which adds a one-off migration to populate missing stripe prices and products
- Bumps patch versions on `@trghost/members-ssr` and `@tryghost/magic-link` to 1.02
refs https://github.com/TryGhost/Team/issues/616
This adds the schema for the Products Admin API to be used as the input
validation, and adds support for the `products` property on the Members
Admin API
Co-authored-by: Renovate Bot <bot@renovateapp.com>
no issue
- `tmp` 0.1.0 was broken and I added `tmp` to the Renovate ignore list
to stop it creating PRs - 082160106a
- 0.2.1 is fixed again so we can merge the update and remove it from the
list
no issue
- we've been unpinning dependencies in our libraries to remove
duplicates
- this commit bumps packages from the Utils repo and NQL, all of which
contain changes to unpin their own dependencies
no issue
- I recently unpinned dependencies in the Utils monorepo so we can avoid
multiple versions of the same package
- this commit bumps all the packages that I published, that do not have
other changes. Other team members should merge these
- this reverts commit 1962fb6140
- I accidentally merged this thinking we were all good, but it turns out
it needs Node >= 10.16, which we can't do until we drop Node 10 on
April 20th 2021
- this is soon, but for now we need to revert